CVE-2018-8492

Name of the Vulnerable Software and Affected Versions Windows Server 2016 Windows 10 Windows Server 2019 Windows 10 Servers

Description The issue is related to a security feature bypass in the Device Guard component of the Windows operating system, which is caused by errors in security settings. This could allow a local attacker to inject arbitrary code into a Windows PowerShell session.

Recommendations For Windows Server 2016, update the Device Guard settings to prevent code injection. For Windows 10, apply the necessary security patches to fix the bypass vulnerability. For Windows Server 2019, modify the code integrity policy to prevent malicious code injection. For Windows 10 Servers, restrict access to the Windows PowerShell session until the issue is resolved.